The same encryption that secures private enterprise data also provides security to malware authors and criminal networks.

Oftentimes, responsibility for securing the cloud falls to IT instead of the security organization, researchers report.

Learn about SOX compliance in Data Protection 101, our series on the fundamentals of data security.

IT professionals have the know-how and requisite privileges to deploy Bitcoin miners, and to cover their tracks. Could your organization be at risk?

Ransomware attacks in 2018 used Remote Desktop Protocol (RDP) as a main attack vector, according to a Webroot report.

CISOs: Stop abdicating responsibility for problems with users, it's part of your job.

Using an on-again, off-again strategy of C2 communication helps it hide from researchers.

Why you shouldn’t worry about the Momo Challenge, and what we can learn from it.

The Watchlist, which contained the identities of government officials, politicians, and people of political interest, is used to identify risk when researching someone.

News on a new data privacy bill, the FTC's latest $5.7M fine, and hacking Instagram profiles - catch up on the week's infosec news with this roundup!

The Threatpost team talks about the biggest cybersecurity stories, trends and research we’ll see at RSA this year.

Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product.

What does the age of near-ubiquitous data breaches, deep fakes, and fallible biometric authentication mean for enterprise security?

New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers’ expectations in complexity, scope and breadth.

From the Momo Challenge to Mozilla’s potential insider threats from Aussie staff, and everything in between – it’s weekly roundup time.

Student researchers working with IBM X-Force Red team find security holes in five leading visitor management systems.

As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution.

A security company was able to track command and control traffic generated by hacking groups thanks to an anomaly in a pen-testing tool.

Facebook, Signal and Telegram are all planning cryptocurrencies. But why these companies, why now, and will they be successful?

It’s been a predator’s playground, where children’s photos have been public by default and trolling adults could message them.

After big brands pulled ads, YouTube banned millions of comments, closed hundreds of accounts, and sped up development of a predator filter.